TEMP-0781640-F16931

Источник: debian

Описание

[Signature Bypass in several JSON Web Token Libraries]

Пакет	Статус	Версия исправления	Релиз	Тип
pyjwt	fixed	1.3.0-1		package
pyjwt	fixed	0.2.1-1+deb8u1	jessie	package

Added workaround item to reflect entry fixed status, remove once CVE assigned
CVE Request: https://www.openwall.com/lists/oss-security/2015/04/01/4
https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
ruby-jwt not directly affected, see https://github.com/jwt/ruby-jwt/issues/76